Change int to Py_ssize_t in several places.

Add (int) casts to silence compiler warnings.
Raise Python exceptions for overflows.

Author: loewis

Modules/posixmodule.c

@@ -2317,9 +2317,9 @@ posix__exit(PyObject *self, PyObject *args)
 
 #if defined(HAVE_EXECV) || defined(HAVE_SPAWNV)
 static void
-free_string_array(char **array, int count)
+free_string_array(char **array, Py_ssize_t count)
 {
-	int i;
+	Py_ssize_t i;
 	for (i = 0; i < count; i++)
 		PyMem_Free(array[i]);
 	PyMem_DEL(array);
@@ -2341,7 +2341,7 @@ posix_execv(PyObject *self, PyObject *args)
 	char *path;
 	PyObject *argv;
 	char **argvlist;
-	int i, argc;
+	Py_ssize_t i, argc;
 	PyObject *(*getitem)(PyObject *, Py_ssize_t);
 
 	/* execv has two arguments: (path, argv), where
@@ -2410,7 +2410,7 @@ posix_execve(PyObject *self, PyObject *args)
 	char **argvlist;
 	char **envlist;
 	PyObject *key, *val, *keys=NULL, *vals=NULL;
-	int i, pos, argc, envc;
+	Py_ssize_t i, pos, argc, envc;
 	PyObject *(*getitem)(PyObject *, Py_ssize_t);
 	int lastarg = 0;
 

Objects/enumobject.c

@@ -216,7 +216,7 @@ static PyObject *
 reversed_next(reversedobject *ro)
 {
 	PyObject *item;
-	long index = ro->index;
+	Py_ssize_t index = ro->index;
 
 	if (index >= 0) {
 		item = PySequence_GetItem(ro->seq, index);

Objects/genobject.c

@@ -177,7 +177,7 @@ gen_del(PyObject *self)
          * never happened.
          */
         {
-                int refcnt = self->ob_refcnt;
+                Py_ssize_t refcnt = self->ob_refcnt;
                 _Py_NewReference(self);
                 self->ob_refcnt = refcnt;
         }

Objects/object.c

@@ -1172,7 +1172,7 @@ PyObject_SetAttr(PyObject *v, PyObject *name, PyObject *value)
 PyObject **
 _PyObject_GetDictPtr(PyObject *obj)
 {
-	long dictoffset;
+	Py_ssize_t dictoffset;
 	PyTypeObject *tp = obj->ob_type;
 
 	if (!(tp->tp_flags & Py_TPFLAGS_HAVE_CLASS))
@@ -1212,7 +1212,7 @@ PyObject_GenericGetAttr(PyObject *obj, PyObject *name)
 	PyObject *descr = NULL;
 	PyObject *res = NULL;
 	descrgetfunc f;
-	long dictoffset;
+	Py_ssize_t dictoffset;
 	PyObject **dictptr;
 
 	if (!PyString_Check(name)){

Objects/stringobject.c

@@ -3679,6 +3679,7 @@ _PyString_FormatLong(PyObject *val, int flags, int prec, int type,
 	Py_ssize_t i;
 	int sign;	/* 1 if '-', else 0 */
 	int len;	/* number of characters */
+	Py_ssize_t llen;
 	int numdigits;	/* len == numnondigits + numdigits */
 	int numnondigits = 0;
 
@@ -3707,7 +3708,12 @@ _PyString_FormatLong(PyObject *val, int flags, int prec, int type,
 		return NULL;
 	}
 	buf = PyString_AsString(result);
-	len = PyString_Size(result);
+	llen = PyString_Size(result);
+	if (llen > INT_MAX) {
+		PyErr_SetString(PyExc_ValueError, "string too large in _PyString_FormatLong");
+		return NULL;
+	}
+	len = (int)llen;
 	if (buf[len-1] == 'L') {
 		--len;
 		buf[len] = '\0';
@@ -3941,12 +3947,12 @@ PyString_Format(PyObject *format, PyObject *args)
 			PyObject *temp = NULL;
 			char *pbuf;
 			int sign;
-			int len;
+			Py_ssize_t len;
 			char formatbuf[FORMATBUFLEN];
 			     /* For format{float,int,char}() */
 #ifdef Py_USING_UNICODE
 			char *fmt_start = fmt;
-		        int argidx_start = argidx;
+			Py_ssize_t argidx_start = argidx;
 #endif
 
 			fmt++;
@@ -4139,8 +4145,10 @@ PyString_Format(PyObject *format, PyObject *args)
 				if (c == 'i')
 					c = 'd';
 				if (PyLong_Check(v)) {
+					int ilen;
 					temp = _PyString_FormatLong(v, flags,
-						prec, c, &pbuf, &len);
+						prec, c, &pbuf, &ilen);
+					len = ilen;
 					if (!temp)
 						goto error;
 					sign = 1;

Objects/typeobject.c

@@ -4244,7 +4244,8 @@ slot_sq_contains(PyObject *self, PyObject *value)
 		}
 	}
 	else if (! PyErr_Occurred()) {
-		result = _PySequence_IterSearch(self, value,
+		/* Possible results: -1 and 1 */
+		result = (int)_PySequence_IterSearch(self, value,
 						 PY_ITERSEARCH_CONTAINS);
 	}
 	return result;
@@ -4880,7 +4881,7 @@ slot_tp_del(PyObject *self)
 	 * never happened.
 	 */
 	{
-		int refcnt = self->ob_refcnt;
+		Py_ssize_t refcnt = self->ob_refcnt;
 		_Py_NewReference(self);
 		self->ob_refcnt = refcnt;
 	}

Python/bltinmodule.c

@@ -2514,7 +2514,7 @@ static PyObject *
 filterunicode(PyObject *func, PyObject *strobj)
 {
 	PyObject *result;
-	register int i, j;
+	register Py_ssize_t i, j;
 	Py_ssize_t len = PyUnicode_GetSize(strobj);
 	Py_ssize_t outlen = len;
 

Python/exceptions.c

@@ -764,7 +764,7 @@ static PyObject *
 SyntaxError__init__(PyObject *self, PyObject *args)
 {
     PyObject *rtnval = NULL;
-    int lenargs;
+    Py_ssize_t lenargs;
 
     if (!(self = get_self(args)))
 	return NULL;
@@ -889,7 +889,7 @@ SyntaxError__str__(PyObject *self, PyObject *args)
 	    PyErr_Clear();
 
 	if (have_filename || have_lineno) {
-	    int bufsize = PyString_GET_SIZE(str) + 64;
+	    Py_ssize_t bufsize = PyString_GET_SIZE(str) + 64;
 	    if (have_filename)
 		bufsize += PyString_GET_SIZE(filename);
 

Python/import.c

@@ -853,7 +853,7 @@ write_compiled_module(PyCodeObject *co, char *cpathname, time_t mtime)
 	/* Now write the true mtime */
 	fseek(fp, 4L, 0);
 	assert(mtime < LONG_MAX);
-	PyMarshal_WriteLongToFile(mtime, fp, Py_MARSHAL_VERSION);
+	PyMarshal_WriteLongToFile((long)mtime, fp, Py_MARSHAL_VERSION);
 	fflush(fp);
 	fclose(fp);
 	if (Py_VerboseFlag)
@@ -1016,7 +1016,7 @@ get_path_importer(PyObject *path_importer_cache, PyObject *path_hooks,
 		  PyObject *p)
 {
 	PyObject *importer;
-	int j, nhooks;
+	Py_ssize_t j, nhooks;
 
 	/* These conditions are the caller's responsibility: */
 	assert(PyList_Check(path_hooks));
@@ -1075,7 +1075,7 @@ static struct filedescr *
 find_module(char *fullname, char *subname, PyObject *path, char *buf,
 	    size_t buflen, FILE **p_fp, PyObject **p_loader)
 {
-	int i, npath;
+	Py_ssize_t i, npath;
 	size_t len, namelen;
 	struct filedescr *fdp = NULL;
 	char *filemode;
@@ -2028,7 +2028,7 @@ get_parent(PyObject *globals, char *buf, Py_ssize_t *p_buflen, int level)
 
 	modpath = PyDict_GetItem(globals, pathstr);
 	if (modpath != NULL) {
-		int len = PyString_GET_SIZE(modname);
+		Py_ssize_t len = PyString_GET_SIZE(modname);
 		if (len > MAXPATHLEN) {
 			PyErr_SetString(PyExc_ValueError,
 					"Module name too long");

Python/marshal.c

@@ -186,7 +186,7 @@ w_object(PyObject *v, WFILE *p)
 			n = strlen(buf);
 			w_byte(TYPE_FLOAT, p);
 			w_byte((int)n, p);
-			w_string(buf, n, p);
+			w_string(buf, (int)n, p);
 		}
 	}
 #ifndef WITHOUT_COMPLEX
@@ -215,16 +215,16 @@ w_object(PyObject *v, WFILE *p)
 				PyComplex_RealAsDouble(v));
 			PyFloat_AsReprString(buf, temp);
 			Py_DECREF(temp);
-			n = (int)strlen(buf);
-			w_byte(n, p);
-			w_string(buf, n, p);
+			n = strlen(buf);
+			w_byte((int)n, p);
+			w_string(buf, (int)n, p);
 			temp = (PyFloatObject*)PyFloat_FromDouble(
 				PyComplex_ImagAsDouble(v));
 			PyFloat_AsReprString(buf, temp);
 			Py_DECREF(temp);
-			n = (int)strlen(buf);
-			w_byte(n, p);
-			w_string(buf, n, p);
+			n = strlen(buf);
+			w_byte((int)n, p);
+			w_string(buf, (int)n, p);
 		}
 	}
 #endif
@@ -248,8 +248,14 @@ w_object(PyObject *v, WFILE *p)
 			w_byte(TYPE_STRING, p);
 		}
 		n = PyString_GET_SIZE(v);
+		if (n > INT_MAX) {
+			/* huge strings are not supported */
+			p->depth--;
+			p->error = 1;
+			return;
+		}
 		w_long((long)n, p);
-		w_string(PyString_AS_STRING(v), n, p);
+		w_string(PyString_AS_STRING(v), (int)n, p);
 	}
 #ifdef Py_USING_UNICODE
 	else if (PyUnicode_Check(v)) {
@@ -262,8 +268,13 @@ w_object(PyObject *v, WFILE *p)
 		}
 		w_byte(TYPE_UNICODE, p);
 		n = PyString_GET_SIZE(utf8);
+		if (n > INT_MAX) {
+			p->depth--;
+			p->error = 1;
+			return;
+		}
 		w_long((long)n, p);
-		w_string(PyString_AS_STRING(utf8), n, p);
+		w_string(PyString_AS_STRING(utf8), (int)n, p);
 		Py_DECREF(utf8);
 	}
 #endif
@@ -350,8 +361,13 @@ w_object(PyObject *v, WFILE *p)
 		PyBufferProcs *pb = v->ob_type->tp_as_buffer;
 		w_byte(TYPE_STRING, p);
 		n = (*pb->bf_getreadbuffer)(v, 0, (void **)&s);
+		if (n > INT_MAX) {
+			p->depth--;
+			p->error = 1;
+			return;
+		}
 		w_long((long)n, p);
-		w_string(s, n, p);
+		w_string(s, (int)n, p);
 	}
 	else {
 		w_byte(TYPE_UNKNOWN, p);